From London Hackspace Wiki
Jump to navigation Jump to search
Hackspace Unknown.png
Model Virtual
Sub-category Systems
Status Good working order
Last updated 23 November 2018 17:33:32
Consumables Unknown
Accessories Unknown
Training requirement yes
Training link Unknown
ACnode no
Owner LHS
Origin Sponsorship
Location A Bitfolk datacenter
Maintainers The Trustees


Runs the UK Hackspace website and hosts wikis for any spaces that want. Also hosts the membership system and forwards the webcams for London Hackspace.


Named after Alan Turing.

See also: System naming


Access is limited to Trustees only since it contains the membership db.


Turing has an LDAP db on it that is replicated to ldap-secondary (Hackspace VM in Wembley) for use on machines in the space.

Turing has iptables rules that allow access to the LDAP server from ldap-secondary (Hackspace VM).

We use a schema that is compatible with Samba for 2 reason:

  • We might want user logins to Samba at some point
  • The sambaNTPassword attribute is understood by FreeRADIUS and is needed for MS-CHAP auth for spacefed.

however the sambaNTPassword hash is quite weak, and the sambaLMPassword hash is silly, so ideally:

  • the sambaLMPassword attribute would contain nonsense that can never be authenticated against
  • the sambaNTPassword attribute would be for a different password from the userPassword

Currently we are not adding sambaLMPassword attribute's to the database.

cheat sheet at the moment

list a users details

smbldap-usershow <username>


smbldap-userinfo -l <username>

add a user to a group

smbldap-usermod -G +<groupname> <username>

List the members of a group

smbldap-groupshow <group name>

Remove a member from a group

smbldap-usermod -G -<groupname> <username>

Edit the acl's

(assuming ldapvi is installed)

ldapvi -Y EXTERNAL -h ldapi:/// -b olcDatabase={1}hdb,cn=config -v  "(olcAccess=*)" olcAccess


  • might need to add an index to memberUid

Changes to tools on Turing

The smbldap tools were patched with these patches

... and a few others, you can see them all here:


IP (


These run as daemons automatically:

  • Apache
  • postgres
  • mjpegproxy-webcams (in screen, no logging)